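/**
 * Delete the user whose id arrives in the POST body, and end the current
 * session when the deleted account is the one that is logged in.
 *
 * Reads $_POST['usr_id'] and $_SESSION['id']; calls User::deleteUser() and,
 * on self-deletion, logout(). No authorisation or CSRF check is visible in
 * this function, so the caller is expected to have performed both before
 * dispatching here.
 *
 * @return void
 */
function deleteUser()
{
    // Nothing to delete without an id; avoids handing null to the model.
    if (!isset($_POST['usr_id'])) {
        return;
    }
    $targetId = $_POST['usr_id'];

    $user = new User();
    $user->deleteUser($targetId);

    // Compare as strings: the session id may be an int while POST is a string,
    // and a loose == would also equate numeric look-alikes such as "1e1" and "10".
    if (isset($_SESSION['id']) && (string) $_SESSION['id'] === (string) $targetId) {
        logout();
    }
}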
 /**
  * Delete the user(s) identified by the "cid" request parameter, then
  * redirect to the admin user list. Layout and view rendering are disabled
  * because the action produces no page of its own.
  *
  * @return void
  */
 public function deleteAction()
 {
     // No output from this action: skip layout and automatic view rendering.
     $this->_helper->layout->disableLayout();
     $this->_helper->viewRenderer->setNoRender();

     // NOTE(review): "cid" is taken as-is from the request and no CSRF/HTTP-method
     // check is visible here — confirm the surrounding controller enforces one.
     $targetIds = $this->getRequest()->getParam('cid');
     $userModel = new User();
     $userModel->deleteUser($targetIds);

     $this->_redirect('admin/user/show');
 }
/**
 * Delete a user through the globally configured database handle and table map.
 *
 * Relies on the globals $bdd and $_TABLES; when either is null the deletion
 * is skipped and both values are written to the error log.
 *
 * @param mixed $id identifier passed straight to User::deleteUser()
 * @return void
 */
function deleteUser($id)
{
    global $bdd, $_TABLES;

    // Guard clause: without a connection and a table map there is nothing to do.
    if (is_null($bdd) || is_null($_TABLES)) {
        error_log("BDD ERROR : " . json_encode($bdd));
        error_log("TABLES ERROR : " . json_encode($_TABLES));
        return;
    }

    $userModel = new User($bdd, $_TABLES);
    $userModel->deleteUser($id);
}
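/**
 * Report whether the current session represents a logged-in user.
 *
 * A session counts as logged in when it carries a 'password' entry and a
 * 'creation' timestamp less than 180 seconds old. An expired session is torn
 * down by handing its 'password' entry to User::deleteUser().
 *
 * @return bool TRUE when logged in and not expired, FALSE otherwise
 */
function logged_in()
{
    // Only start a session when none is active; a second session_start()
    // raises a notice and does nothing.
    if (session_status() === PHP_SESSION_NONE) {
        session_start();
    }

    // Both markers are required; isset() already yields a bool, so test it
    // with ! instead of comparing against FALSE.
    if (!isset($_SESSION['password']) || !isset($_SESSION['creation'])) {
        return FALSE;
    }

    // Session lifetime is a fixed 180 seconds from creation.
    if (time() - $_SESSION['creation'] > 180) {
        // NOTE(review): the 'password' entry is used as the key for deleteUser();
        // it looks like a per-session token rather than a credential — confirm.
        User::deleteUser($_SESSION['password']);
        return FALSE;
    }

    return TRUE;
}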
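 /**
  * Handle the "edit user" page for the user selected by $_GET['id'].
  *
  * Flow:
  *  - POST "submit": require non-empty username, email, full_name, is_activated
  *    and type, then copy the fields onto $this and call User::updateUser().
  *  - Load the user with User::getUser() and render edituser.tpl.
  *  - POST "deletesubmit": call User::deleteUser() and send a redirect header.
  *
  * @return void
  */
 public function go()
 {
     // Explicit default so a request without ?id= does not read an undefined local.
     $id = isset($_GET['id']) ? $_GET['id'] : null;

     if (isset($_POST['submit'])) {
         // Missing fields count as empty; POST values are strings, so === '' is exact.
         $field = function ($name) {
             return isset($_POST[$name]) ? $_POST[$name] : '';
         };
         if ($field('username') === '') {
             $this->addErrorMessage("Name of the user should not be empty");
         } elseif ($field('email') === '') {
             $this->addErrorMessage("Email should not be empty");
         } elseif ($field('full_name') === '') {
             $this->addErrorMessage("Please enter your full name");
         } elseif ($field('is_activated') === '') {
             $this->addErrorMessage("Is the user activated or not");
         } elseif ($field('type') === '') {
             $this->addErrorMessage("Please select the type of the user");
         } else {
             $this->username = $field('username');
             $this->email = $field('email');
             // NOTE(review): the password is forwarded exactly as posted; hashing,
             // if any, must happen inside User::updateUser() — confirm.
             $this->password = isset($_POST['password']) ? $_POST['password'] : null;
             $this->full_name = $field('full_name');
             $this->is_activated = $field('is_activated');
             $this->type = $field('type');
             User::updateUser($id, $this->username, $this->full_name, $this->email, $this->password, $this->is_activated, $this->type);
             $this->addSuccessMessage("User details have been updated succesfully");
         }
     }

     $users = User::getUser($id);
     $this->setViewTemplate('edituser.tpl');
     // Pass null rather than reading a missing offset when no user was found.
     $this->addToView('user', isset($users[0]) ? $users[0] : null);
     $this->generateView();

     if (isset($_POST['deletesubmit'])) {
         User::deleteUser($id);
         $this->addSuccessMessage("User has been deleted succesfully");
         // NOTE(review): generateView() above has already produced output, so this
         // header is likely ignored ("headers already sent"); handling the delete
         // before rendering would make the redirect effective.
         header('Location:' . SOURCE_ROOT_PATH . "admin/pages/usermanager.php?source=del");
     }
 }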
// Load the row for the user being edited.
$usr = $db->select($us->getUserById($id))->fetch_assoc();

// Edit form submitted.
if (isset($_POST['submit'])) {
    // Parentheses spell out the precedence PHP already applies (&& binds tighter
    // than ||): a field is "missing" only when the local from earlier in the
    // script is empty AND no POST value arrived for it.
    if (($name == '' && !isset($_POST['name'])) || ($setadmin == '' && !isset($_POST['isAdmin']))) {
        $error = 'Please fill out all required fields.';
    } else {
        // Escaped for the SQL string that updateUser() assembles.
        // NOTE(review): $id is passed through unescaped — confirm it is validated upstream.
        $name = mysqli_real_escape_string($db->link, $_POST['name']);
        $isadmin = mysqli_real_escape_string($db->link, $_POST['isAdmin']);
        $update_row = $db->update($us->updateUser($name, $isadmin, $id));
    }
}

// Delete button pressed.
if (isset($_POST['delete'])) {
    $delete_row = $db->delete($us->deleteUser($id));
}
// password change section
if (isset($_POST['submit2'])) {
    if (isset($_POST['password']) && isset($_POST['newPassword']) && isset($_POST['confirmPassword']) && $_POST['password'] != '' && $_POST['newPassword'] != '' && $_POST['confirmPassword'] != '') {
        $newPassword = $_POST['newPassword'];
        $confirm = $_POST['confirmPassword'];
        if ($newPassword == $confirm) {
            $newPassword = password_hash($newPassword, PASSWORD_DEFAULT);
            $password = $_POST['password'];
            $password = password_hash($password, PASSWORD_DEFAULT);
            // get password
            $row = $db->select($us->getPasswordById($id))->fetch_assoc();
            if ($row) {
                $hash = $row['Password'];
                if (password_verify($_POST['password'], $hash)) {
<?php

// Include common functions and declarations
require_once "../../include/common.php";

// Load the user addressed by the "userId" query parameter.
$user = new User(getGetValue("userId"));

// Only users with edit permission may continue; everyone else gets the login form.
if (!$user->hasEditPermission()) {
    $login->printLoginForm();
    exit;
}

// "deleteUser" takes precedence over "save"; both end in a redirect to the user index.
// NOTE(review): the delete is triggered by a plain request value with no CSRF
// token visible in this file — confirm getValue()/the form supply one.
$deleteUser = getValue("deleteUser");
if (!empty($deleteUser)) {
    $user->deleteUser();
    redirect(scriptUrl . "/" . folderUsers);
} elseif (!empty($_GET["save"])) {
    $errors = $user->saveUser();
    if (!$errors->hasErrors()) {
        redirect(scriptUrl . "/" . folderUsers);
    }
}

// Add navigation links
$site->addNavigationLink(scriptUrl . "/" . folderAdmin, $lAdminIndex["Header"]);
$site->addNavigationLink(scriptUrl . "/" . folderUsers, $lUserIndex["Header"]);
<?php

require_once dirname(__FILE__) . "/../conf/config.php";
require_once dirname(__FILE__) . "/../conf/functions.php";

// Only a POST carries a deletion; any other method goes straight to the redirect.
// NOTE(review): $_POST['id'] reaches deleteUser() with no authorisation or CSRF
// check in this file — confirm config.php/functions.php enforce one.
if ($_SERVER['REQUEST_METHOD'] === "POST") {
    $userModel = new User();
    $userModel->deleteUser($_POST['id']);
}

header('Location: index.php');
exit;
 /**
  *  @brief Delete user
  *
  *  DELETE https://server/pathname/version/username
  *
  *  Deletes the user account.
  *  NOTE: Requires simple authentication with the username and password associated with the account.
  *
  *  Return value:
  *  0 on success
  *
  *  Possible errors:
  *    503: there was an error removing the user
  *    404: the user does not exist in the database
  *    401: authentication failed
  *
  *  @param string $syncUserHash hash identifying the user to be deleted
  *  @return bool always true; the outcome is reported through the HTTP status
  */
 private function deleteUser($syncUserHash)
 {
     // Each check runs only if the previous one passed; the first failure
     // decides the HTTP status and stops the chain.
     $failureStatus = null;
     $userId = null;
     if (!User::syncUserExists($syncUserHash)) {
         $failureStatus = Utils::STATUS_NOT_FOUND;
     } elseif (!User::authenticateUser($syncUserHash)) {
         $failureStatus = Utils::STATUS_INVALID_USER;
     } elseif (!($userId = User::userHashToId($syncUserHash))) {
         $failureStatus = Utils::STATUS_INVALID_USER;
     } elseif (!Storage::deleteStorage($userId) || !User::deleteUser($userId)) {
         // Storage is removed first; the account row is only touched if that worked.
         $failureStatus = Utils::STATUS_MAINTENANCE;
     }

     if ($failureStatus !== null) {
         Utils::changeHttpStatus($failureStatus);
         return true;
     }

     OutputData::write('0');
     return true;
 }
<?php

// making Sql connection
// NOTE(review): the backslash in this path only resolves on Windows.
require_once 'settings\\db_settings.php';
require_once 'db.php';
require_once 'elements/user.php';

$db = DB::start();
User::$db = $db;

head();
// Dispatch on the first query parameter present. "delete_confirm" deliberately
// falls through into the default branch so the refreshed list is shown.
// NOTE(review): delete/delete_confirm are GET-driven with no authorisation or
// CSRF check visible in this file.
switch (true) {
    case isset($_GET['edit']):
        break;
    case isset($_GET['delete']):
        User::deleteUser($_GET['delete']);
        break;
    case isset($_GET['delete_confirm']):
        User::confirmDeleteUser($_GET['delete_confirm']);
        // no break: show the list after confirming
    default:
        User::listUsers();
        break;
}
footer();
function head()
{
    ?>
	<!DOCTYPE html>
	<html>
		<head>
		</head>
		<body>
		<?php 
    $user2 = new User(Input::get('uid'));
    if (!$user2->exist()) {
        session::flash('error', 'The user does not exists!');
        Redirect::to(path . 'index.php');
    }
} else {
    session::flash('error', 'The user does not exists!');
    Redirect::to(path . 'index.php');
}
// Delete form: requires a submitted form with a valid CSRF token and an "id" field.
if (Input::exists() && Token::check(Input::get('token'))) {
    $validator = new Validation();
    $validator->check($_POST, array('id' => array('required' => true)));
    if ($validator->passed()) {
        try {
            // NOTE(review): $user2 was loaded from 'uid' but the id passed to
            // deleteUser() comes from the 'id' field — confirm that is intended.
            $user2->deleteUser(Input::get('id'));
            session::flash('complete', 'You deleted ' . $user2->data()->name);
            Redirect::to(path . 'index.php');
        } catch (Exception $e) {
            session::flash('error', $e->getMessage());
            Redirect::to(path . 'index.php');
        }
    }
}
?>
<html>
	<head>
		<?php 
include path . 'assets/php/css.php';
?>
 */
header('content-type: text/html; charset=utf-8');
session_start();
include "./classElement.php";
include "./classUser.php";

// A submitted registration form copies the posted credentials into the session.
// NOTE(review): the password is stored in the session in plain text and nothing
// here verifies it against a store — confirm how it is consumed downstream.
$registered = isset($_POST['Registruotis']) && $_POST['Registruotis'] === 'Registruotis';
if ($registered) {
    $_SESSION["user"] = $_POST['user'];
    $_SESSION["pass"] = $_POST['pass'];
}
if ($_SESSION["user"] == "trinti" && $_SESSION["pass"] == "leidziama") {
    $user = new User();
    /**
     * Vartotojo trinimas
     */
    if ($_GET['action'] == "delete") {
        $user->deleteUser($_GET['id']);
        echo $user->createUsersList($_GET['sort']);
        /**
         * Vartotojo duomenu keitimas
         */
    } elseif ($_GET['action'] == "edit") {
        $user->getUserData($_GET['id']);
        if (isset($_GET['name'])) {
            $userName = $_GET['name'];
            $email = $_GET['email'];
        } else {
            $userName = $user->getUserName();
            $email = $user->getUserEmail();
        }
        $id = $_GET['id'];
        if (isset($_GET['Ivesti']) && $_GET['Ivesti'] == 'Įvesti') {
});
// User resource routes: every handler builds a fresh User and delegates to it.
$app->get('/users/:id', function ($id) use ($app) {
    $model = new User();
    $model->getUser($app, $id);
});
$app->post('/users', function () use ($app) {
    $model = new User();
    $model->createUser($app);
});
$app->put('/users/:id', function ($id) use ($app) {
    $model = new User();
    $model->modifyUser($app, $id);
});
// NOTE(review): no authentication hook is visible around this DELETE route in this file.
$app->delete('/users/:id', function ($id) use ($app) {
    $model = new User();
    $model->deleteUser($app, $id);
});

// **
//Connexion
// **
$app->post('/connexion', function () use ($app) {
    $connexion = new theConnexion();
    $connexion->connexion($app);
});
$app->post('/inscription', function () use ($app) {
    $connexion = new theConnexion();
    $connexion->inscription($app);
});
// Welcome in routing
function welcome()
{
            } elseif ($user['user_group'] == "user") {
                $smarty->assign("selectedadmin", "");
                $smarty->assign("selectedmanager", "");
                $smarty->assign("selecteduser", "selected");
            }
            $smarty->assign("menu", $_SESSION['user']->getGroup());
            $smarty->assign("content", $menu);
            break;
        case 'userSaveUpdate':
            $smarty->assign("title", "Modification enregistrée ");
            $smarty->assign("pseudo", $_SESSION['pseudo']);
            $smarty->assign("email", $_SESSION['email']);
            $smarty->assign("group", $_SESSION['group']);
            $smarty->assign("menu", $_SESSION['user']->getGroup());
            $smarty->assign("content", "userSave");
            break;
        case 'userDelete':
            $userId = $_GET["id"];
            User::deleteUser($userId);
            $_SESSION['userList'] = User::getAllUser();
            $smarty->assign("title", "Gestion des utilisateurs");
            $smarty->assign("menu", $_SESSION['user']->getGroup());
            $smarty->assign("content", "userList");
            $smarty->assign("userList", $_SESSION['userList']);
            $smarty->assign("size", $_SESSION['size']);
            break;
    }
    $smarty->display('homePage.tpl');
} else {
    Url::relocate('home.php');
}
<?php

require_once 'includes/header.php';
if ($request['action'] == 'users') {
    $title = "Account Management";
    if (isset($_POST['action'])) {
        if ($_POST['action'] == 'delete') {
            // Deleting the User's account
            User::deleteUser($_POST['uid']);
        } elseif ($_POST['action'] == "change_permission") {
            // Granting a new permission
            switch ($_POST['permission_level']) {
                case 'No Access':
                case 'New Applicant':
                case 'Member':
                    $required_permission = $user->getDirectorAccess();
                    break;
                case 'Director':
                case 'CEO':
                    $required_permission = $user->getCEOAccess();
                    break;
                case 'Admin':
                    $required_permission = $user->getAdminAccess();
                    break;
            }
            if ($required_permission) {
                if ($user->getAdminAccess()) {
                    // Admins can change permissions for anyone in the auth
                    $stmt = $db->prepare('UPDATE user_accounts SET access = ? WHERE uid = ?');
                    $stmt->execute(array($_POST['permission_level'], $_POST['uid']));
                } else {
 /**
  * Thin pass-through to the static User::deleteUser().
  *
  * @param mixed $id identifier handed to User::deleteUser()
  * @return mixed whatever User::deleteUser() returns
  */
 public function deleteUser($id)
 {
     return User::deleteUser($id);
 }
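<?php

include_once "classDBAndUser.php";

// Every action on this page is admin-only.
if (!User::isAdmin()) {
    echo "Not is admin...";
    exit;
}

// Action selector; a missing parameter means "no action" instead of an
// undefined-index notice.
$action = isset($_GET['t']) ? $_GET['t'] : null;

if ($action === "delete") {
    // intval() keeps only a numeric id; 0 or negative is rejected.
    $targetId = isset($_GET['id']) ? intval($_GET['id']) : 0;
    if ($targetId <= 0) {
        echo "Invalid ID";
    } else {
        // NOTE(review): the delete is GET-triggered; no CSRF token is checked here.
        $result = User::deleteUser($targetId);
        if (isError($result)) {
            echo dError($result);
        }
    }
    exit;
}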
if ($_GET['t'] == "list") {
    $list = $db->l("SELECT * FROM user", false);
    ?>

	<a href="javascript:form_add('adminUser');"><img src="./images/add.png">Agregar Usuario</a><br /><br />
    <table width = "100%">
        <tr>
            <th>Nombre</th><th>E-Mail</th><th>Usuario</th><th>Opciones</th>
        </tr>

        <?php 
    for ($i = intval($_GET['ind']); $i < min(intval($_GET['ind']) + ITEMS_PAGE, count($list)); ++$i) {
        echo "<tr " . ($i % 2 == 0 ? 'class="odd"' : 'class="even"') . ">" . "<td>{$list[$i]['name']}</td><td>{$list[$i]['mail']}</td><td>{$list[$i]['user']}</td>" . "<td><a href='javascript:form_update({$list[$i]['id']},\"adminUser\");'><img src='images/page_edit.png' alt='Editar' title='Editar'></a> | <a href='javascript:form_delete({$list[$i]['id']},\"{$list[$i]['name']}\",\"adminUser\");'><img src='images/delete.png' alt='Eliminar' title='Eliminar'></a></td></tr>";
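/**
 * Admin user management dispatcher, driven by $_POST['actiune'].
 *
 * Actions:
 *  - 'edit':       load one user plus all groups and render modifica_user.tpl.php;
 *  - 'delete':     delete one user and report success or failure;
 *  - 'delete_all': delete every user referenced in the POST body and report counts.
 * The user id is taken from the first POST key for 'edit'/'delete', and from each
 * POST value for 'delete_all'; both are expected in the form "<prefix>_<id>".
 *
 * @return void
 */
function _adminUsers()
{
    isUserLoggedIn();
    // A missing action lands in the default branch instead of raising a notice.
    $action = isset($_POST['actiune']) ? $_POST['actiune'] : null;
    switch ($action) {
        case 'edit':
            $userId = _adminUsersIdFromKey(_adminUsersFirstPostKey());
            $user = new User(getDbh());
            $userDetails = $user->getUserDetails($userId);
            $grupa = new Grupa(getDbh());
            $groupsDetails = $grupa->fetchAll();
            $result = array();
            $result['grupa'] = $groupsDetails;
            $result['user'] = $userDetails;
            $result['ID'] = $userId;
            _adminUsersRender(View::do_fetch(VIEW_PATH . 'modifica_user.tpl.php', $result));
            break;
        case 'delete':
            $userId = _adminUsersIdFromKey(_adminUsersFirstPostKey());
            $user = new User(getDbh());
            $message = $user->deleteUser($userId)
                ? " Userul a  fost sters cu success"
                : " Userul nu a fost sters";
            _adminUsersRender($message, 'administrare/show_users');
            break;
        case 'delete_all':
            $deleted = 0;
            $failed = 0;
            $user = new User(getDbh());
            foreach ($_POST as $value) {
                // The submit button's own value is not a user reference.
                if ($value == 'delete_all') {
                    continue;
                }
                if ($user->deleteUser(_adminUsersIdFromKey($value))) {
                    $deleted++;
                } else {
                    $failed++;
                }
            }
            $message = $deleted > 0
                ? $deleted . "useri au fost stersi cu success"
                : $failed . "useri nu au fost stersi";
            _adminUsersRender($message, 'administrare/show_users');
            break;
        default:
            // unknown or missing action: nothing to do
            break;
    }
}

/**
 * First key of the POST body (the name of the clicked control), or null when empty.
 *
 * @return string|int|null
 */
function _adminUsersFirstPostKey()
{
    reset($_POST);
    return key($_POST);
}

/**
 * Extract the id part of a "<prefix>_<id>" POST key or value.
 *
 * @param mixed $key
 * @return string|null null when there is no "_" separator (previously an
 *                     undefined-offset notice that yielded null anyway)
 */
function _adminUsersIdFromKey($key)
{
    $parts = explode("_", $key);
    return isset($parts[1]) ? $parts[1] : null;
}

/**
 * Render layout.php with a single message and an optional redirect target.
 *
 * @param mixed       $message  entry appended to $data['msg']
 * @param string|null $redirect entry appended to $data['redirect'] when given
 * @return void
 */
function _adminUsersRender($message, $redirect = null)
{
    $data = array();
    $data['msg'][] = $message;
    if ($redirect !== null) {
        $data['redirect'][] = $redirect;
    }
    View::do_dump(VIEW_PATH . 'layout.php', $data);
}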
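<?php

/**
 * Created by PhpStorm.
 * User: Hoan
 * Date: 11/5/2015
 * Time: 1:12 PM
 *
 * Delete the user given by ?user_id= and return to the user list.
 */
// Start the session
session_start();
// Not logged in: go back to the login page. The exit matters — header() alone
// does not stop the script, so without it the delete below still ran for
// anonymous requests.
if (!isset($_SESSION['user'])) {
    header('location:login.php');
    exit;
}
// Required files
require '../../config/Config.php';
require '../../models/User.php';
// Take user_id from the URL; without one there is nothing to delete.
// NOTE(review): this is a GET-triggered delete with no CSRF token visible here —
// confirm the list page sends one, or move the action to POST.
if (!isset($_GET['user_id'])) {
    header('location:list.php');
    exit;
}
$user_id = $_GET['user_id'];
// Create the User model
$userModel = new User();
// Delete
$userModel->deleteUser($user_id);
// Back to the member list
header('location:list.php');
exit;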
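<?php

require_once '../dbFunction.php';
session_start();

// Delete the account of the logged-in user (identified by the session 'pseudo'),
// then tear the session down and return to the index page. Without a pseudo
// there is no account to delete, so the model is not called with null.
// NOTE(review): this runs on any request to the script, with no confirmation or
// CSRF token visible here — confirm the calling page provides one.
if (isset($_SESSION['pseudo'])) {
    $delete_account = new User();
    $delete_account->deleteUser($_SESSION['pseudo']);
}

// Full session teardown: clear the data, drop the server-side record, then unset.
$_SESSION = array();
session_destroy();
unset($_SESSION);

header('Location: index.php');
exit;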
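<?php

require_once "../../src/UserAccountControl.php";

// isset($_POST) is always true for a superglobal, so the previous guard never
// filtered anything; check the request method instead so a GET does not reach
// deleteUser() with null arguments.
if (isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
    $userId = isset($_POST['user_id']) ? $_POST['user_id'] : null;
    // "(bool) $x or false" was a no-op ("or" never changes the boolean result);
    // !empty() gives the same truthiness without an undefined-index notice.
    $flagDelete = !empty($_POST['flag_delete']);
    // NOTE(review): no authorisation/CSRF check is visible in this file — confirm
    // UserAccountControl.php enforces one before the delete.
    $User = new User();
    $result = $User->deleteUser($userId, $flagDelete);
    // Structured results go out as JSON; scalar results are echoed as-is.
    if (is_array($result)) {
        echo json_encode($result);
    } else {
        echo $result;
    }
}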
</head>
<body>

<?php 
include_once "list_controller.php";
include_once "client_functions.php";
include_once "deleter.php";
include_once "users.php";

// Logout request: remove the record keyed by the session 'password' entry,
// then end the session.
if (isset($_POST['lout'])) {
    session_start();
    User::deleteUser($_SESSION['password']);
    logout();
}

list_verify();

// One radio button per document; the markup is embedded in the form below.
// NOTE(review): $doc is interpolated into HTML unescaped — fine only if document
// names are not user-controlled; otherwise wrap them in htmlspecialchars().
$link_list = "";
$id = 0; // presumably consumed further down the page — left in place
foreach (list_docs() as $doc) {
    $link_list .= "<input type='radio' name='docname' value='{$doc}'>{$doc}<br>";
}

echo '<div class="login-card">';
echo '<h1>Book List</h1>';
echo "<form action='ajax_viewer.php' method='post' accept-charset='utf-8'>\n\t\t{$link_list}\n<br/><input type='submit' name='doc_form' value='Read' class='login login-submit'>\n</form>";
                case 'users':
                    if ($action == 'add') {
                        $template->page_title = 'Add New User';
                        if (isset($_POST['submit'])) {
                            User::addUser($_POST);
                            redirect($options['site_url'] . '/admin.php?area=' . $area);
                        }
                    } else {
                        if ($action == 'view') {
                            $template->page_title = 'View User';
                            if (isset($_POST['submit'])) {
                                User::saveUser($id, $_POST);
                                redirect($options['site_url'] . '/admin.php?area=' . $area);
                            }
                            if (isset($_POST['delete'])) {
                                User::deleteUser($id);
                                redirect($options['site_url'] . '/admin.php?area=' . $area);
                            }
                        } else {
                            $template->page_title = 'Manage Users';
                        }
                    }
                    break;
            }
            load_template('admin-' . $template->subnav['area'][$area]['template']);
        } else {
            $template->page_title = 'Admin Dashboard';
            load_template('admin-dashboard');
        }
    }
}
// Reset every response field to an empty string before the action runs.
foreach (array('description', 'auteur', 'theme', 'confid', 'jaime', 'lien') as $field) {
    $reponse->$field = "";
}
if (isset($_POST['id']) && !empty($_POST['id']) && isset($_POST['op']) && !empty($_POST['op'])) {
    $id = $_POST['id'];
    $op = $_POST['op'];
    /* Inclusion du fichier de connexion à la BD */
    include_once "connect-bd.php";
    if ($op == "suppuser") {
        $user = new User($bdd);
        $image = new Image($bdd);
        $galerie = new Galerie($bdd);
        $suppression = $user->deleteUser($id);
        if ($suppression) {
            $suppression = $image->deleteUserImages($id);
            if ($suppression) {
                $suppression = $galerie->deleteUserGalleries($id);
                if ($suppression) {
                    $bdd = null;
                    $reponse->success = true;
                } else {
                    $reponse->message = "galerie";
                }
            } else {
                $reponse->message = "image";
            }
        } else {
            $reponse->message = "utilisateur";
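<?php

// Admin endpoint: delete the user given by ?id= together with all their comments,
// then redirect back to the user editor.
// NOTE(review): no authentication/authorisation check is visible in this file and
// the delete is GET-triggered — confirm Connexion.php or the web server gates it.
if (isset($_GET['id'])) {
    require_once '../../module/Connexion.php';
    require_once '../../module/model/user.php';
    require_once '../../module/model/commentaire.php';
    $userId = $_GET['id'];
    $user = new User();
    $result = $user->deleteUser($userId);
    # delete all comments for this user — done whether or not the user row was
    # removed, as before (consider making it conditional on $result)
    $comment = new Commentaire();
    $comment->deleteAllCommentForUserId($userId);
    if ($result) {
        header("location:../../admin/users/editer");
    } else {
        header("location:../../admin/users/editer?c=failed");
    }
    // Stop after the redirect header so nothing further is emitted.
    exit;
} else {
    header("location:../../layout/Intrusion/url.inc");
    exit;
}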
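 /**
  * Smoke test for the User life cycle: create, login, check login, delete, logout.
  *
  * Random credentials are pushed through $_POST because the User API reads the
  * request directly; progress is echoed as HTML. Stops at the first failing step.
  *
  * @return bool true when every step succeeded, false at the first failure
  */
 static function testUser()
 {
     // Kept for any constructor side effects; the instance itself is not used.
     $user = new User();
     // Make sure no session from an earlier run is still active.
     User::logout();

     $_POST["user"] = self::generateRandomString();
     $_POST["pass"] = self::generateRandomString();
     $_POST["email"] = self::generateRandomString();

     $register = User::createUser();
     if ($register) {
         echo 'CREATE USER: <font color="green">Stworzono uzytkownika o id: ' . $register . ' Dane: ' . $_POST["user"] . ' Haslo: ' . $_POST["pass"] . '</font></br>';
     } else {
         echo 'CREATE USER: <font color="red">ERROR!</font>';
     }

     $login = User::login();
     $id = User::getUID();
     if ($login == true) {
         echo 'LOGIN: <font color="green">Zalogowano, twoje UID: ' . $id . '</font></br>';
     } else {
         echo '<font color="red">LOGIN: ERROR!</font></br>';
         return false;
     }

     if (User::checkLogin()) {
         echo 'CHECK LOGIN: <font color="green">Zalogowany</font></br>';
     } else {
         echo 'CHECK LOGIN: <font color="red">Niezalogowany</font></br>';
         return false;
     }

     // Previously written as "$delete = User::deleteUser() == true", which stores
     // the comparison result rather than the call's return value; call first, then test.
     $delete = User::deleteUser();
     if ($delete == true) {
         echo 'DELETE USER: <font color="green">Usunieto uzytkownika</font></br>';
     } else {
         echo 'DELETE USER: <font color="red">ERROR</font></br>';
         return false;
     }

     User::logout();
     if (!isset($_SESSION["uid"])) {
         echo 'LOGOUT: <font color="green">Wylogowano!</font></br>';
     } else {
         echo 'LOGOUT: <font color="red">ERROR!</font></br>';
         return false;
     }
     return true;
 }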
            }
            /*
                   $user, $pass, $fk_id_person, $pk_id_user, $fk_id_role
                     * */
            // print_r($_POST);
            $pk_id_user = $user->updateUser($_POST['USER_NAME'], $_POST['PASSWORD'], $_POST['PK_ID_PERSON'], $_POST['PK_ID_USER'], $_POST['ROL']);
            if ($pk_id_user) {
                Forms::setMessage('SUCCESS', 'Transaccion Exitosa!!', 'Los datos de usario se actualizaron correctamente!');
            } else {
                Forms::setMessage('ERROR', 'Transaccion erronea!!', 'Los datos de usario No se actualizaron correctamente!');
            }
        }
        break;
    case 'DELETE':
        $data1 = array($_GET['PK_ID_USER']);
        $pk_id_person = $user->deleteUser($data1);
        if ($pk_id_person > 0) {
            Forms::setMessage('SUCCESS', 'Transaccion Exitosa!!', 'Los datos de usario se eliminaron correctamente!');
        } else {
            Forms::setMessage('ERROR', 'Transaccion erronea!!', 'Los datos de usario No se eliminaron correctamente!');
        }
        break;
    default:
        break;
}
?>
 

<div class="grid_10">
            <div class="box round first">
                <h2><?php 
    global $app;
    $app->halt(401);
});
// User collection and item routes; all handlers share the $user model bound above.
$app->get('/user/', function () use ($user) {
    echo json_encode($user->getAllUsers());
});
$app->get('/user/:id/', function ($id) use ($user) {
    echo json_encode($user->getUserById($id));
});
$app->post('/user/', function () use ($user, $app) {
    // The body is decoded to an associative array before being handed to the model.
    $payload = json_decode($app->request->getBody(), true);
    echo $user->createNewUser($payload);
});
// NOTE(review): the delete handler itself does no authorisation; the halt(401)
// above this block suggests a route hook does — confirm it covers DELETE.
$app->delete('/user/:id/', function ($id) use ($user) {
    echo $user->deleteUser($id);
});
$app->put('/user/:id/', function ($id) use ($user, $app) {
    // Unlike POST, the body is decoded to an object here.
    $payload = json_decode($app->request->getBody());
    echo $user->updateUser($id, $payload);
});
$app->post('/login/', function () use ($app) {
    $login = new Login();
    $email = $app->request->post('email');
    $password = $app->request->post('password');
    $outcome = $login->match($email, $password) ? "true" : "false";
    echo json_encode(array("success" => $outcome));
});
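 /**
  *  @brief Delete a Mozilla Sync user.
  *
  *  DELETE https://server/pathname/version/username
  *
  *  Deletes the user account.
  *  NOTE: Requires simple authentication with the username and password associated with the account.
  *
  *  Return value:
  *  0 on success
  *
  *  Possible errors:
  *    503: there was an error removing the user
  *    404: the user does not exist in the database
  *    401: authentication failed
  *
  *  Every failure branch now returns immediately. Previously each one only set the
  *  HTTP status and logged, then fell through and still deleted the storage and
  *  the account — including when authentication had failed or deletion was disabled.
  *
  *  @param string $syncHash Mozilla Sync user hash of the user to be deleted.
  *  @return void
  */
 private function deleteUser($syncHash)
 {
     if (User::isAutoCreateUser()) {
         //auto create accounts only: deletion through this endpoint is disabled
         Utils::changeHttpStatus(Utils::STATUS_INVALID_USER);
         Utils::writeLog("Failed to delete user " . $syncHash . ". Delete disabled");
         return;
     }
     if (User::syncUserExists($syncHash) === false) {
         Utils::changeHttpStatus(Utils::STATUS_NOT_FOUND);
         Utils::writeLog("Failed to delete user " . $syncHash . ". User does not exist.");
         return;
     }
     if (User::authenticateUser($syncHash) === false) {
         Utils::changeHttpStatus(Utils::STATUS_INVALID_USER);
         Utils::writeLog("Authentication for deleting user " . $syncHash . " failed.");
         return;
     }
     $syncId = User::syncHashToSyncId($syncHash);
     if ($syncId === false) {
         Utils::changeHttpStatus(Utils::STATUS_INVALID_USER);
         Utils::writeLog("Failed to convert user " . $syncHash . " to Sync ID.");
         return;
     }
     // Storage goes first; the account row is only removed once that succeeded.
     if (Storage::deleteStorage($syncId) === false) {
         Utils::changeHttpStatus(Utils::STATUS_MAINTENANCE);
         Utils::writeLog("Failed to delete storage for user " . $syncId . ".");
         return;
     }
     if (User::deleteUser($syncId) === false) {
         Utils::changeHttpStatus(Utils::STATUS_MAINTENANCE);
         Utils::writeLog("Failed to delete user " . $syncId . ".");
         return;
     }
     OutputData::write('0');
 }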
// Only authenticated sessions may reach the account actions below.
if (!$session->is_logged_in()) {
    Redirect::redirectTo('/sha');
}

// Allow access only via ajax requests: the X-Requested-With header must be
// present and equal to "xmlhttprequest" (case-insensitive).
$requestedWith = isset($_SERVER['HTTP_X_REQUESTED_WITH']) ? $_SERVER['HTTP_X_REQUESTED_WITH'] : '';
if ($requestedWith === '' || strtolower($requestedWith) !== 'xmlhttprequest') {
    Redirect::redirectTo('404');
}

// generate a new SID to avoid session fixation
session_regenerate_id(true);
switch ($_POST['action']) {
    // user account deletion
    case 'delete_acc':
        $token = $_POST['token'];
        $pw = $_POST['password'];
        $user = new User();
        $delete = $user->deleteUser($token, USER_ID, $pw);
        if ($delete === true) {
            // delete success
            $session->logout();
            echo "1";
        } else {
            echo json_encode($user->errors);
        }
        break;
        // update user profile info
    // update user profile info
    case 'update_info':
        $database = new Database();
        $data = $_POST['values'];
        unset($_POST);
        // check token validation